In order to improve the security of Web applications, there is a technique of diagnosing vulnerable parts of the Web applications in advance. For example, Patent Document 1 discloses that when parameters are designated, vulnerability inspection processing is performed by determining inspection items corresponding to the designated parameters using a configuration file showing the correspondence between the parameters to be inspected and the inspection items.